Re: WebInspect
From: Kevin Spett (kspett@spidynamics.com)
Date: 02/19/03
- Previous message: Bob Radvanovsky: "Re: login banners"
- In reply to: Indian Tiger: "WebInspect"
- Next in thread: David Litchfield: "Re: WebInspect"
From: "Kevin Spett" <kspett@spidynamics.com>
To: "Indian Tiger" <indiantiger@mailandnews.com>, <pen-test@securityfocus.com>
Date: Wed, 19 Feb 2003 17:22:57 -0500
It's just noting that WebDAV support is enabled on the webserver. The
"Execution" report data just explains how to confirm that WebDAV is
functioning. If you receive an XML response, the check is functioning
correctly (I've just double checked it and it certainly should be). For
more information on how to use WebDAV, see RFC 2518
(http://www.ietf.org/rfc/rfc2518.txt).
If you're SmartUpdated to the latest vuln signatures that should be listed
as an information-level issue. It is not a "serious" security issue that
can be used to hack the server per se. Look at the high- and critical-level
vulnerabilities for issues that can be used to gain access to sensitive
information, execute commands, etc.
By the way, if you have any more questions about WebInspect scan results,
don't do anything crazy like email support@spidynamics.com instead of the
pen-test mailing list.
Kevin Spett
SPI Labs
http://www.spidynamics.com/
----- Original Message -----
From: "Indian Tiger" <indiantiger@mailandnews.com>
To: <pen-test@securityfocus.com>
Sent: Sunday, January 19, 2003 10:38 AM
Subject: WebInspect
> Hi,
>
> I was using WebInspect and found Web DAV Support enabled.
> Its execution part suggests the following to exploit:
>
> Issue the following request to the server:
> PROPFIND / HTTP/1.0
> Host:
> Content-Length: 0
> I can't understand how to use these commands to exploit this vulnerability.
> ----------------------------------------------------------------------------
> IIS was not showing any log after running WebInspect.
> I think the directory for this is c:\winnt\system32\logfiles
> ----------------------------------------------------------------------------
>
> Sincerely,
>
> Balwant Rathore, CISSP
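The confirmation step discussed in this thread, written out as an added example (not part of the original messages and not WebInspect's own code): it sends the body-less PROPFIND and reports WebDAV as enabled only when the reply is a 207 Multi-Status carrying a DAV: multistatus XML document, the response RFC 2518 defines for PROPFIND. The function names, the `Depth: 0` header and the sample replies are assumptions made for this example.

```python
import socket
import xml.etree.ElementTree as ET

def build_propfind(host, path="/"):
    """The body-less PROPFIND from the scan report, plus Depth: 0 (added here)."""
    return (f"PROPFIND {path} HTTP/1.0\r\nHost: {host}\r\n"
            "Depth: 0\r\nContent-Length: 0\r\n\r\n").encode("ascii")

def parse_response(raw):
    """Split a raw, non-chunked HTTP response into (status, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body

def webdav_enabled(raw):
    """True only for 207 Multi-Status whose body is a DAV: multistatus document."""
    status, _headers, body = parse_response(raw)
    if status != 207 or b"<!DOCTYPE" in body:  # refuse DTDs from an untrusted peer
        return False
    try:
        return ET.fromstring(body).tag == "{DAV:}multistatus"
    except ET.ParseError:
        return False

def probe(host, port=80, timeout=5.0):
    """Send the probe over plain HTTP and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_propfind(host))
        chunks = []
        while data := sock.recv(4096):
            chunks.append(data)
    return webdav_enabled(b"".join(chunks))

# Constructed sample replies (not captured from a real server).
DAV_ON = (b"HTTP/1.1 207 Multi-Status\r\nContent-Type: text/xml\r\n\r\n"
          b'<?xml version="1.0"?><a:multistatus xmlns:a="DAV:"><a:response>'
          b"<a:href>http://host.example/</a:href></a:response></a:multistatus>")
DAV_OFF = (b"HTTP/1.1 501 Not Implemented\r\nContent-Type: text/html\r\n\r\n"
           b"<html><body>Not Implemented</body></html>")
NOT_XML = b"HTTP/1.1 207 Multi-Status\r\nContent-Type: text/html\r\n\r\n<html>"
```

A `True` result corresponds to the information-level finding described in the reply; it says nothing about whether write methods such as PUT are permitted.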